<?php
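	header("Content-Type: text/html;charset=utf-8");
	// require (not include): a missing or unreadable file becomes a fatal error instead of a
	// warning the script runs past, so the request fails closed.
	// NOTE(review): _judge.php looks like the admin session/permission gate for this endpoint --
	// confirm it terminates the request for unauthenticated callers.
	require("../_judge.php");
	require("../../function/function.php");
	
	// Plain text parameters. A missing key or a non-scalar value (e.g. action[]=x) becomes '' so
	// trim()/chkstr() never receive null or an array.
	// NOTE(review): chkstr() is defined outside this file; whether it escapes for SQL, HTML or
	// both cannot be told from here -- verify before relying on it as the only SQL defence.
	$text_fields = array('action', 'admin_title', 'admin_username', 'admin_password', 'admin_repassword', 'news_option', 'id');
	$text_input = array();
	foreach ($text_fields as $field_name) {
		$raw_value = isset($_REQUEST[$field_name]) ? $_REQUEST[$field_name] : '';
		$text_input[$field_name] = is_scalar($raw_value) ? chkstr(trim((string)$raw_value)) : '';
	}
	$action = $text_input['action'];
	$admin_title = $text_input['admin_title'];
	$admin_username = $text_input['admin_username'];
	// The password is filtered by chkstr() before hashing, as in the original; the login code
	// presumably does the same, so this must not change here alone.
	$admin_password = $text_input['admin_password'];
	$admin_repassword = $text_input['admin_repassword'];
	$news_option = $text_input['news_option'];
	$id = $text_input['id'];

	$now_time=date("Y-m-d H:i:s");
	$re_url = (isset($_REQUEST['re_url']) && is_scalar($_REQUEST['re_url'])) ? trim((string)$_REQUEST['re_url']) : '';

	// admin_power: usually an array of checkbox values, flattened to a comma-separated string.
	// Each value now goes through the same trim()/chkstr() filter as every other text field;
	// previously it reached the SQL builder unfiltered.
	$admin_power = isset($_REQUEST['admin_power']) ? $_REQUEST['admin_power'] : '';
	if (is_array($admin_power)) {
		$power_items = array();
		foreach ($admin_power as $power_item) {
			if (is_scalar($power_item)) {
				$power_items[] = chkstr(trim((string)$power_item));
			}
		}
		$admin_power = implode(',', $power_items);
	} else {
		$admin_power = is_scalar($admin_power) ? chkstr(trim((string)$admin_power)) : '';
	}

	// newsid: an array of ids or a comma-separated string. It is later placed inside "id in(...)",
	// so only decimal digits are accepted. Empty segments are skipped; any other malformed
	// element discards the whole list, which the delete branch then reports as "nothing selected".
	$newsid_raw = isset($_REQUEST['newsid']) ? $_REQUEST['newsid'] : '';
	if (!is_array($newsid_raw)) {
		$newsid_raw = is_scalar($newsid_raw) ? explode(',', (string)$newsid_raw) : array();
	}
	$newsid_clean = array();
	$newsid_valid = true;
	foreach ($newsid_raw as $one_id) {
		$one_id = is_scalar($one_id) ? trim((string)$one_id) : null;
		if ($one_id === '') {
			continue;
		}
		if ($one_id === null || !preg_match('/^[0-9]+\z/', $one_id)) {
			$newsid_valid = false;
			break;
		}
		$newsid_clean[] = $one_id;
	}
	$newsid = $newsid_valid ? implode(',', $newsid_clean) : '';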
	
	
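	// Dispatches the admin-account action: "add", "edit" or "del".
	//
	// NOTE(review): no anti-CSRF token is checked in this file and the parameters come from
	// $_REQUEST, so these state-changing actions appear to be accepted over GET as well --
	// confirm whether _judge.php enforces a token or request method.
	// NOTE(review): mysql_query() belongs to the mysql_* extension removed in PHP 7.0; moving to
	// mysqli/PDO prepared statements needs the connection code, which is not in this file.
	// NOTE(review): erro()/ok() are defined elsewhere. Each failed check is followed by an
	// explicit exit so the write below it cannot run regardless of what erro() does.
	if($action == "add"){
		if(strlen($admin_username)<1 || strlen($admin_password)<1){
			echo erro("请将信息填写完整");
			exit;
		}
		// Strict comparison: with != two different numeric-looking strings (e.g. "1e3" and
		// "1000") compare equal.
		if($admin_password !== $admin_repassword){
			echo erro("两次密码输入不一致");
			exit;
		}
		// The "please select a permission" check is disabled in the original; an empty
		// admin_power is accepted.
		// NOTE(review): this condition is built by string interpolation and depends entirely on
		// chkstr() having escaped $admin_username -- verify.
		if(getNewsNums("kboy_admin","admin_username='$admin_username'")>0){
			echo erro("该用户已存在");
			exit;
		}
		// NOTE(review): double MD5 with one shared suffix is a fast hash with no per-user salt.
		// Moving to password_hash()/password_verify() requires a matching change in the login
		// code, so the stored format is left unchanged here.
		$admin_password = md5(md5($admin_password.$ServicePwdFix));
		
		// Insert the new administrator row.
		$mysql = new sqlstr("kboy_admin"); 
		$mysql -> set("admin_title",$admin_title);
		$mysql -> set("admin_username",$admin_username);
		$mysql -> set("admin_password",$admin_password);
		$mysql -> set("admin_power",$admin_power);
		$news_sql = $mysql -> insertSql();
		$news_res = mysql_query($news_sql);
		if($news_res){
			echo ok("操作成功","newsmanage.php");
		}else{
			echo erro("服务器内部错误");
		}

	}elseif($action == "edit"){
		// The password is only changed when a new one is supplied.
		if(strlen($admin_password)>0){
			if(strlen($admin_repassword)<1){
				echo erro("请将信息填写完整");
				exit;
			}
			if($admin_password !== $admin_repassword){
				echo erro("两次密码输入不一致");
				exit;
			}
		}
		// $id is interpolated into "id=$id" below, so it must be decimal digits only.
		// is_numeric() also accepts forms such as "1e5", "-1", "1.5" and, before PHP 7, "0x1A".
		if(!preg_match('/^[0-9]+\z/', (string)$id)){
			echo erro("ID错误");
			exit;
		}
		
		
		// Update the administrator row.
		$mysql = new sqlstr("kboy_admin"); 
		$mysql -> set("admin_title",$admin_title);
		if(strlen($admin_password)>0){
			// Same stored format as the "add" branch (see the hashing note there).
			$admin_password = md5(md5($admin_password.$ServicePwdFix));
			$mysql -> set("admin_password",$admin_password);
		}
		$mysql -> set("admin_power",$admin_power);
		$news_sql = $mysql -> updateSql("id=$id");
		$news_res = mysql_query($news_sql);
		if($news_res){
			echo ok("操作成功","newsmanage.php");
		}else{
			echo erro("服务器内部错误");
		}

	}elseif($action == "del"){
		if($news_option == "del"){
			if(!empty($newsid)){
				// $newsid is placed inside "id in(...)" twice below; accept nothing but a
				// comma-separated list of decimal ids at the point of use.
				if(!preg_match('/^[0-9]+(,[0-9]+)*\z/', (string)$newsid)){
					echo erro("参数错误");
					exit;
				}
				// Refuse a deletion that would remove every administrator account.
				if(getNewsNums("kboy_admin","id in($newsid)") == getNewsNums("kboy_admin","1=1")){
					echo erro("至少保留一位用户");
					exit;
				}
			
				// Delete the selected rows.
				$mysql = new sqlstr("kboy_admin"); 
				$news_sql = $mysql -> deleteSql("id in($newsid)");
				$news_res = mysql_query($news_sql);
				if($news_res){
					// The Referer header is optional and client-supplied; fall back to the list
					// page when it is absent.
					// NOTE(review): ok() receives this value as the return URL -- confirm it
					// encodes the value for its output context and restricts it to this site.
					$back_url = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : "newsmanage.php";
					echo ok("操作成功",$back_url);
				}else{
					echo erro("服务器内部错误");
				}
			}else{
				echo erro("至少选择一条记录进行操作");
			}
		}else{
			// The original called erro() here without echo, unlike every other call site.
			echo erro("请选择要操作的方式");
		}
	}else{
		echo erro("参数错误");
	}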
?>
